In September the virus threat even hit Skype, with the
discovery of a worm that used Skype phone chat to redirect users to a website
that infected their computers. With the Cyberwars becoming more and more
heated, everyone from Microsoft and Symantec to the Department of Homeland
Security issue alerts, updates, patches and security bulletins. All of this
information and help will be to no avail without basic security awareness on the
part of every computer user.
The New Media Institute and CyberSecure Technologies have
developed a list of security fundamentals to help you protect your computer,
your workplace network, and your personal data. These guidelines are designed
to keep you conscious of computer security in the broadest possible sense. They
are by no means the only practices and procedures you should follow, but they
are certainly among the most important!
Physical Security Fundamentals
The front line in protecting your data and your computer is
securing the physical equipment itself. The risks are twofold.
There is a basic danger to your data, and therefore your
security from natural or technological causes related to our basic computer and
technology infrastructure. There is no way to prevent power failures, surges,
bad connections and faulty data transmission. You can, however, minimize the
damage to your system and your information.
More importantly, there is danger posed by the loss of
physical control of your computer. The most extensive breaches of computer data
in the past six months have been the lost laptops and unsecured workstations at
companies like SAIC and a host of government agencies. Physical security is
paramount!
Always be aware of people who have physical access to your
computer—family members, roommates, co-workers, members of a cleaning crew, and
maybe others. Physical access to your computer, whether legitimate or not, is a
key factor in cyber security. After all, the casual use of your laptop by a
person you trust going to a dangerous site or opening a suspicious email, can
blow your system out of the water.
Identifying the people who could gain remote access to your
computer is more difficult but not impossible. If you are connected to a
network at work, share files through a remote connection, or exchange data
across the Internet, you are vulnerable to a security breach. Either someone or
something can access your information.
To deal with these physical aspects of computer and data
security, we recommend the following:
• Protect your computer from physical damage:- Simple as it may sound, the first line of defense against
losing your data is to make sure your computer is safe from actual physical
damage. There are horror stories we have all heard about irreplaceable data
being lost because a laptop fell into a pool or out the back of a poorly packed
SUV. When you are using your machine, keep any liquids far from the machine
itself. And above all, make sure the cords and wires are situated so they will
not be inadvertently disconnected or pull down your computer when someone trips
over them! Keep your machine safe from harm and your data will be safe from
harm!
• Protect your computer from electrical damage:- Electrical shutoffs, power failures, and electrical surges
are all part of modern life. Your computer requires a steady “clean” source of
power in order to operate properly. Turn it off in a storm! Use a power surge
protector! Do not run motors or other heavy duty equipment (copiers, fans, air
conditioners, etc.) on the same circuit as your computer! If possible, install
an uninterruptible power supply (UPS) that will maintain enough power for your
computer to complete a normal shutdown even if the power fails.
• Protect your computer when you are not using it:- If you only step away from your computer for a few minutes,
there is enough time for a casual passerby to use your equipment. Securing your
work area, at home or the office prevents even friendly users, the kids or your
co-workers, from accidentally corrupting your system or deleting your
information. After all, it is simple to sit down at an unoccupied computer
access either the Internet or email. Your personal information is at risk when
your computer equipment is unsecured! If possible, turn your workstation or
laptop off when it is not being used. At a minimum, secure it from unwanted use
by logging off your network and putting the system into password secured
standby.
• Disconnect your computer from the Internet when you are
not using it:- We
have all left our computers connected to the Internet and walked away from
them. Permanent connections, either through a business network or DSL are
commonplace. The risk, however, is becoming more and more serious. IM sessions,
automatic program updates, email, and scripting all have risks based on their
continued connection to the Internet and the unattended nature of their
activities. If another person using IM (Instant Messenger) has an infection,
you run the risk of unwanted intrusions yourself just by being on their chat
list!
• Carefully consider your security settings:- Programs and data are only as secure as your passwords and
security settings. Operating systems, browsers, and most commercially available
software have put in place a series of options that give the user the ability
to require identification and passwords for everything from logging on to
opening a specific file. Use what your system offers! It can be tailored to
meet your needs and requirements. If the choice is ease of use or security, opt
for security. Enabling program options that increase convenience may leave you
more vulnerable. Examine all system settings, particularly the security
settings, and select options that decrease your risk of data loss or intrusion.
• Back up your data:- Files and data are lost by users all the time. We have all
accidentally erased a file. No matter how much you protect your data and the
machine that houses it, it can be lost. The hard drives we all depend on to
store our data have a fixed life expectancy. A low but significant percentage
of them fail within months of production but all of them eventually crash. In
addition, files can be damaged or destroyed by a virus or worm, a natural
event, or a problem with your equipment. A simple disruption of transmission
from the hard drive through the CPU can render a file useless. Regularly
backing up your data is a no-brainer. Using a CD, DVD, network drive, tapes, or
an external memory device will mitigate any problems created when your data is
corrupted or destroyed. How often you back up your data is a function of its
importance. If your data changes frequently or is critical to your work or
personal well-being, back up frequently.
• Protect your backups:- When you make your data backups, make sure they are kept in
a safe, secure location. It does no good to secure your PC and leave the
backups where anyone might find them!
• Guard your peripherals:- With the spread of flash drives, portable computer memory,
memory cards and mini hard drives many users store valuable data in multiple
places. This greatly lessens the chance of permanently loosing data and files
but increases the exposure you have to unauthorized access. Many of the devices
are so small they are easily misplaced or lost. Users also use these devices to
transfer files between machines without realizing a copy of the file could be
left on the device itself. Encrypt important data files on these devices. Keep
close track of miniature memory devices. Wipe them clean when a transfer has
been completed. Do not leave them in computer chip slots or USB pots. Be
careful. Your data is easily accessed if the device falls into the wrong hands.
No comments:
Post a Comment